[tor-relays] NSA's "Tor Stinks"
Jesse Victors
jvictors at jessevictors.com
Tue Oct 8 19:23:48 UTC 2013
I recently ran across several articles related to the NSA's attempts at
cracking Tor and de-anonymizing its users. They are after terrorists and
other individuals who seek to do harm of course, but their work
obviously has implications into other Tor users, the vast majority of
whom use Tor for legal and proper activities. So far, it appears that
the cryptographic standards and protocols implemented by the Tor devs
appear to be holding, which I find interesting. The NSA has been trying
other methods to figure out Tor, including identifying and then
infecting user machines, trying to control/hijack the Tor network, or by
influencing the network as a whole, and they've had a very small amount
of success, but not much. One thing that was especially interesting to
me (and I expect to everyone on this mailing list) is that they are
trying to control more relays via cooperation or direct access, which
can then be used for timing attacks or disruptions to the users. They
are also trying to shape traffic to friendly exits. For anyone
interested, I would highly recommend these links:
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
http://www.bbc.co.uk/news/technology-24429332
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
Also, from
http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity
it appears that their opinion of Tails is that it "adds severe CNE
misery to [the] equation". These are all highly informative articles,
and it appears that Tor is remaining resilient to their efforts, as long
as people (including relay/exit operators) use the latest software,
remain aware that Tor doesn't protect them in all aspects, and as long
as there are enough non-NSA relays and exits (we need more!) such that
everything they see still remains encrypted and anonymous. Interesting I
say.
Jesse V.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20131008/3d8d487c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20131008/3d8d487c/attachment.sig>
More information about the tor-relays
mailing list